Cyber Defense Engineer

Rockwell Automation is a global technology leader focused on helping the world's manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better.

We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that's you we would love to have you join us

Job Description

Job Summary:

As an OT Cybersecurity Detection Engineer, you will be responsible for designing, implementing, and managing detection strategies and tools to respond to cyber threats targeting critical OT/ICS environments. You will work with both internal and external cyber security teams to ensure the security and resilience of our industrial infrastructure. We are looking for an understanding of OT protocols, industrial control systems, OT threat intelligence and cybersecurity best practices, coupled with.

You will report to the Cyber Team Leader and have a hybrid schedule working in Hinjewadi-Pune.

• Develop detection rules, correlation searches, and alerting mechanisms within our Security Information and Event Management (SIEM) and other security monitoring tools specifically tailored for OT environments.
• Analyze OT network traffic, system logs, and security events to identify suspicious activity, anomalies, and potential security incidents.
• Develop of OT protocols (e.g., Modbus, DNP3, IEC 61850), industrial control systems (e.g., PLC, SCADA, DCS), and their security possible effects.
• Collaborate with OT operations and engineering teams to understand their processes, and potential vulnerabilities.
• Tune and optimize detection rules to minimise false positives and ensure high-fidelity alerts.
• Maintain documentation for detection strategies, rules, and incident response procedures specific to OT.
• Participate in incident response activities related to OT cybersecurity incidents, providing technical expertise in detection and analysis.
• Contribute to the development of OT security policies, standards, and procedures.
• Stay up-to-date on the latest OT cybersecurity threats, vulnerabilities, and mitigation techniques.
• Recommend new security tools relevant to OT detection capabilities.
• Collaborate with IT security teams to ensure a cohesive and integrated security posture across both IT and OT environments.
• Develop and deliver training or awareness sessions on OT-specific detection techniques for relevant teams.

• Have 2-3years strong understanding of OT protocols, architectures, and common industrial control systems
• Experience with SIEM\SOAR platforms and developing custom correlation rules and alerts.
• Experience analyzing network traffic using tools like Wireshark and understanding OT-specific network protocols.
• Knowledge of common cybersecurity frameworks and standards relevant to OT (e.g., NIST SP 800-82, IEC 62443)
• Familiarity with threat intelligence sources and their application to OT environments.
• Technical information to both technical and non-technical audiences.
• Understand internal or external customer needs.

• You will have to understand relevant evolving technology, understand complex technology dependency and working across a range of service offerings that may use a wide array of technologies and partners.
• Across multiple departments with different goals.
• Develop important product and service launches.
• Collaborative culture across the automation engineering team while meeting C&I goals
• Adopt technology best practices around technology & vendor evaluation and managing & maintenance of technology platforms.

Our benefits package includes …

• Comprehensive mindfulness programmes with a premium membership to Calm
• Volunteer Paid Time off available after 6 months of employment for eligible employees.
• Company volunteer and donation matching programme – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation.
• Employee Assistance Program
• Personalised wellbeing programmes through our OnTrack programme
• On-demand digital course library for professional development

... and other local benefits

At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles.

#LI-Hybrid

#LI-SM1

Rockwell Automation's hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.